Overview

overview

10

Static

static

3

2025-01-30...ry.exe

windows7-x64

10

2025-01-30...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-30_0ae08cd9b74c8c4af564419c80eecbe5_wannacry

  • Size

    5.0MB

  • Sample

    250130-zbentssjgx

  • MD5

    0ae08cd9b74c8c4af564419c80eecbe5

  • SHA1

    498f2f6b574784a486bcaecc5209f15d4beaf43b

  • SHA256

    7c09182ec99fe91bf269b268faec941c84575fcf294bc2aa488652f0b236f536

  • SHA512

    629dade0887e842d591c414f93a48ac3dab54f5641399e2a09a5ef30a5bbb4401c50fa1f1eb3cb37d7631d48dc5cc75446c0c68bcc9f195f7178309e4fc6e3d3

  • SSDEEP

    12288:GebLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7zw+K+DHeQYSUj5:XbLgddQhfdmMSirYbcMNgef0QeQk

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      2025-01-30_0ae08cd9b74c8c4af564419c80eecbe5_wannacry

    • Size

      5.0MB

    • MD5

      0ae08cd9b74c8c4af564419c80eecbe5

    • SHA1

      498f2f6b574784a486bcaecc5209f15d4beaf43b

    • SHA256

      7c09182ec99fe91bf269b268faec941c84575fcf294bc2aa488652f0b236f536

    • SHA512

      629dade0887e842d591c414f93a48ac3dab54f5641399e2a09a5ef30a5bbb4401c50fa1f1eb3cb37d7631d48dc5cc75446c0c68bcc9f195f7178309e4fc6e3d3

    • SSDEEP

      12288:GebLgPlu+QhMbaIMu7L5NVErCA4z2g6rTcbckPU82900Ve7zw+K+DHeQYSUj5:XbLgddQhfdmMSirYbcMNgef0QeQk

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Wannacry family

      wannacry

    • Contacts a large (3304) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks